macro virus – Page 18 – WindowsTechs.com

Italian language zeus panda from macro word docs inside zips

Posted on May 23, 2017 by Myonlinesecurity

Getting several different Italian Language malspam emails with various subjects pretending to come from various Italian email addresses with zip attachments that contain a malicious macro enabled word doc that delivers Zeus Panda They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. … Continue reading → Continue reading Italian language zeus panda from macro word docs inside zips→

Copy of Invoice1234567 coming from noreply@ delivers jaff ransomware

Posted on May 22, 2017 by Myonlinesecurity

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled word doc is an email with the subject of 43412591 ( random numbers) pretending to come from noreply@ random companies that delivers Jaff ransomware They are using email addresses and subjects that will scare or entice … Continue reading → Continue reading Copy of Invoice1234567 coming from noreply@ delivers jaff ransomware→

blank email with zip attachment containing a word doc with OLE embedded js delivers GlobeImposter 2.0 ransomware

Posted on May 21, 2017 by Myonlinesecurity

An empty blank email with no subject pretending to come from jhavens@mt.gov with a zip file that contains malicious word doc with an embedded OLE object delivers GlobeImposter 2.0 ransomware They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very … Continue reading → Continue reading blank email with zip attachment containing a word doc with OLE embedded js delivers GlobeImposter 2.0 ransomware→

big changes in fedex fake delivery emails. Now using macros

Posted on May 18, 2017 by Myonlinesecurity

An email with the subject of FedEx Parcel #262844740, Delivery Unsuccessful pretending to come from FedEx Customer Service <tamawuv52640888@soie.in> ( random email addresses) with a malicious word doc attachment delivers multiple malware We are used to seeing these fake FedEx and other parcel delivery services emails, but they usually contain zip files and js … Continue reading → Continue reading big changes in fedex fake delivery emails. Now using macros→

fake parcel delivery services malspam with word doc attachment delivers ursnif banking Trojan

Posted on May 18, 2017 by Myonlinesecurity

A slightly different one today and I am not sure how many recipients will be infected by this. On my server, some are being delivered with the word doc attachment, but about half are just getting the email body with an HTML attachment which has the same details as the email body and … Continue reading → Continue reading fake parcel delivery services malspam with word doc attachment delivers ursnif banking Trojan→

More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files

Posted on May 18, 2017 by Myonlinesecurity

Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 支払条件確認書 (Terms of payment Confirmation) pretending to come from random Japanese email addresses with a zip file containing a malicious word doc attachment that … Continue reading → Continue reading More Japanese language ursnif delivered by spoofed japan express malspam using word docs with embedded ole objects inside zip files→

fake Bankline RSA You have received a new Bankline Secure Message delivers trickbot

Posted on May 17, 2017 by Myonlinesecurity

An email with the subject of You have received a new Bankline Secure Message pretending to come from Bankline RSA but actually coming from a look-a-like domain Bankline RSA <SecureMessage@banklinersa.co.uk> with a malicious word doc attachment is today’s latest spoof of a well known company, bank or public authority delivering Trickbot banking … Continue reading → Continue reading fake Bankline RSA You have received a new Bankline Secure Message delivers trickbot→

Japanese language parking violation malspam delivers Ursnif

Posted on May 17, 2017 by Myonlinesecurity

It looks like the Japanese malspams are also trying the parking or speeding fine approach. Continuing with the never ending series of Japanese language malspam malware downloaders delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 駐禁報告書 ( Invitation Report) or (The report of the bicycle ) depending … Continue reading → Continue reading Japanese language parking violation malspam delivers Ursnif→

pdf pretending to come from your own email address delivers jaff ransomware

Posted on May 16, 2017 by Myonlinesecurity

Continuing with the latest series of emails with pdf attachments that drops a malicious macro enabled word doc is an email with the subject of Emailing: 2650032.pdf ( random numbers) pretending to come from random names at your own email address that delivers Jaff ransomware They are using email addresses and subjects … Continue reading → Continue reading pdf pretending to come from your own email address delivers jaff ransomware→

Even more Japanese language malspam delivering Ursnif banking trojan

Posted on May 16, 2017 by Myonlinesecurity

Continuing with the mass of Japanese language malspam delivering Ursnif /Gozi / ISFB banking Trojan is yet another email with the subject of 保安検査 ( Security Check) pretending to come from with a malicious word doc attachment that contains embedded ole objects where you have to manually click on the blurry … Continue reading → Continue reading Even more Japanese language malspam delivering Ursnif banking trojan→